# From Guarding to Resilience Architecture: The Reinvention of the Security Industry
For decades, the security industry in Europe was understood as a supplementary trade. It guarded perimeters, checked identities, recorded incidents and filled the gaps between technical systems and police responsibilities. The vocabulary of the sector reflected this modest self-understanding: object protection, night watch, gatekeeping. In his book KRITIS: Die verborgene Macht Europas, Dr. Raphael Nagel (LL.M.), writing together with Marcus Köhnlein, argues that this framing has quietly become obsolete. What is emerging in its place is not a larger version of the same profession, but a different one altogether: a discipline of resilience architecture, tasked with keeping the operating systems of modern societies functional under stress.
## The Quiet Reclassification of a Profession
The starting point of the argument in KRITIS is deceptively simple. Critical infrastructures, the book insists, are not an administrative category but the operational foundation of state capacity. Energy, water, telecommunications, health, transport, finance and digital platforms form a networked system in which the failure of one element produces cascading effects in all others. Once this is accepted, the entities that patrol the fences, monitor the control rooms and escort the technicians are no longer peripheral service providers. They are embedded in the same structural logic as the grid operator, the clinic and the data centre.
This reclassification is quiet because no single political decision produced it. It emerged from the slow accumulation of regulatory pressure, incident experience and technological change. The IT-Sicherheitsgesetz, the BSI-Kritisverordnung, the KRITIS-Dachgesetz and the NIS2 transposition have progressively moved the expectation of security from a contractual deliverable to a legal duty of the operator. The security industry, as the executing arm of many of these duties, inherits a share of that weight, even where its contracts still read like traditional guarding mandates.
Dr. Raphael Nagel (LL.M.) frames the consequence soberly: what used to be a question of presence has become a question of architecture. A company that deploys guards, cameras and patrols without an integrated concept of redundancy, escalation and documentation is no longer meeting the standard that regulators, insurers and boards increasingly assume.
## From Presence to Architecture
The shift from guarding to resilience architecture is not a matter of renaming. It changes what a security provider is expected to design, deliver and prove. In the canon of KRITIS, resilience is defined as the structural property of a system that remains functional under load and stabilises quickly after disturbance. It rests on four factors: infrastructure, redundancy, organisation and responsibility. Each of these has a direct counterpart in the work of a security provider.
Infrastructure, in this reading, includes not only fences and control rooms but the physical and digital fabric through which a site is observed, accessed and protected. Redundancy translates into shift plans that do not collapse when a single person falls ill, into sensor landscapes that do not go dark when one camera fails, and into communication channels that survive the outage of a primary network. Organisation becomes the set of procedures that decide who acts in the first thirty minutes of an incident, when telephones are overloaded and managers are unreachable. Responsibility, finally, is the explicit allocation of decisions to named roles, not the diffuse assumption that somebody will handle it.
A security provider that operates at this level is no longer selling hours on a post. It is selling a share of the operator's resilience. That is a qualitatively different product, with different cost structures, different liabilities and different conversations at board level.
## Cooperation with Authorities, Operators and Technology Partners
The book is explicit that resilience is not the exclusive domain of state authorities. It is a shared task between regulators, operators of critical infrastructures, security service providers and industrial technology suppliers. The security industry sits at the intersection of these actors and is often the only one physically present on site around the clock. Its cooperation patterns therefore determine much of what is practically achievable.
With authorities, the relationship is moving beyond reporting obligations towards a more continuous exchange of situational awareness. Meldewege for significant IT disturbances, coordination with the BSI and participation in sectoral exercises are no longer optional niceties. With operators, the contractual relationship is slowly shifting from a purchase of manpower to a joint definition of critical processes, fallback structures and escalation chains. With technology partners, the question is how sensors, robotics, control rooms and IT systems integrate into a single operational picture rather than a patchwork of isolated tools.
Dr. Raphael Nagel (LL.M.) treats this triangulation not as a diplomatic exercise but as an engineering question. A security architecture that cannot survive the absence of one of its partners, whether through a network outage, a regulatory change or a supplier failure, is not resilient. The professional reputation of the security industry will increasingly depend on its ability to design for exactly these contingencies.
## Personnel Scarcity and the Logic of Professionalisation
Any honest analysis of the European security sector has to confront its personnel situation. The book does not hide the fact that staff are scarce, that pricing pressure has been severe, and that the traditional model assumed an almost unlimited availability of attention from modestly paid workers. A seventy-two hour stress scenario, the central reference point of KRITIS, exposes these assumptions with unusual clarity. Who actually arrives at the site when public transport has failed and family obligations compete with professional duty? Who monitors the screens when rotations collapse? Who documents the incident when the control room itself is in emergency mode?
The response proposed in the canon is not to replace people with machines, but to redraw the line between tasks that require human judgement and tasks that can be handled by mobile robotics, sensor networks and service-based models such as Robot-as-a-Service. Security robots are described as mobile infrastructure: they extend the reach of existing observation structures, free human staff from repetitive patrol routines, and provide consistent documentation even under conditions of fatigue.
Professionalisation, in this frame, is not a slogan. It is the practical consequence of raising the expected level of architecture while the personnel base is shrinking. Training, resilience preparation and the integration of technology become conditions of survival for providers that want to remain credible partners of operators of critical infrastructures.
## An Investment Perspective without Illusions
The transformation described in KRITIS has implications that reach beyond the operational floor. For allocators in the private equity and Mittelstand universe, the security sector is no longer a low-growth pocket of labour arbitrage. It is slowly becoming a segment in which structural value is created by those who can combine regulated compliance, technological integration and governance maturity in a single offering. The book is careful not to issue investment advice, and this essay follows the same discipline. What it does offer is an analytical lens.
Providers that remain anchored in pure manpower arbitrage face a narrow corridor. Margins are compressed, labour availability is fragile, and regulatory expectations continue to rise. Providers that invest in integrated architectures, including robotics, data governance, documentation capability and cooperation with technology partners, address a different market. They compete for contracts in which the operator is legally and reputationally exposed and therefore willing to pay for demonstrable resilience rather than for mere presence.
For a reflective allocator, the relevant question is not whether the security industry as such is attractive, but which segment of it aligns with the structural shift described by Dr. Raphael Nagel (LL.M.). The answer, in the spirit of the book, is nuanced. It depends on governance, on the quality of management, on the ability to document effect in measurable terms, and on the willingness of ownership structures to accept that resilience is built over years, not quarters.
## The Moral Geometry of a Structural Task
It would be tempting to present the reinvention of the security industry as a purely technical or commercial development. The canon of KRITIS resists that temptation. It insists that economic strength is an obligation, that structure is the precondition of lasting stability, and that those who manage energy, data, networks and platforms do not administer products but stability itself. The security industry, as the physical interface between these systems and their environment, carries a share of that moral geometry.
This does not require a rhetorical elevation of the profession. It requires a sober acknowledgement that the people who walk perimeters at night, the operators who watch control room screens, and the engineers who maintain the sensors and robots are part of the structural fabric on which freedom, prosperity and order rest. The book dedicates itself explicitly to those who build these structures in the background, and the essayistic consequence is that their work should be understood, financed and governed in proportion to what it actually carries.
A security industry that accepts this role will not look like the one described in older trade manuals. It will be smaller in headcount per contract, denser in technology, closer to operators and authorities, and more demanding in governance. It will, in the terms of KRITIS, be part of the resilience economy rather than of the cost line of the old security economy.
The argument of this essay, grounded in the canon of KRITIS: Die verborgene Macht Europas, is that the European security industry is undergoing a structural redefinition that it has not yet fully articulated to itself. The old vocabulary of guarding still circulates in tenders, job descriptions and financial reports, but the substance of the work is already being pulled towards something else. Resilience architecture is the more accurate description of what competent providers are starting to deliver, and it is the standard against which regulators, operators and, eventually, capital allocators will measure them. The transition will not be smooth. It will expose providers that have relied on labour arbitrage without investing in structure, and it will reward those that have understood that the seventy-two hour window is not a marketing device but a genuine test of whether an organisation can keep its promises under load. In the reflective register that Dr. Raphael Nagel (LL.M.) maintains throughout the book, the task is not to dramatise this shift but to meet it with the seriousness it deserves. The security industry is being asked to grow into the responsibility it has quietly been carrying for years, and to articulate that responsibility in the language of architecture, governance and structural obligation. Whether the sector accepts this invitation will shape more than its own economic trajectory. It will contribute to the answer of the larger question that animates KRITIS, namely whether Europe is prepared to treat its critical infrastructures as what they are: the hidden power on which its freedom and its order continue to depend.
For weekly analysis on capital, leadership and geopolitics: follow Dr. Raphael Nagel (LL.M.) on LinkedIn →